International cybersecurity work of both the State and Homeland Security departments will rely on support from Congress.
Work is already underway for the Cybersecurity and Infrastructure Security Agency to quickly increase its overseas presence, according to Acting Director Brandon Wales who said a new global initiative will bolster and align with State Department activities.
“We are looking at ways to make a more firm commitment internationally, including deploying CISA personnel around the world, really, for the first time in a more dedicated way, to be that touchpoint at critical embassies around the world embedded with some of our most critical cybersecurity partners,” Wales said. “Those efforts are proceeding now, and I expect that over the next two years, you will see a different CISA with a different kind of global footprint.”
Wales spoke Thursday during a virtual event hosted by the Business Council for International Understanding—the member companies of which are major U.S. corporations from across the economy–to launch CISA Global. The initiative centers on sharing information with international partners to cooperate on operations, build capacity, engage stakeholders and shape policy.
Under the previous administration, the State Department proposed merging staff from the Office of the Coordinator for Cyber Issues and the Office of Emerging Security Challenges within the Bureau of Arms Control, Verification, and Compliance under a new bureau of Cyberspace Security and Emerging Technologies. Issues related to the digital economy and internet freedom would be handled by different bureaus—those for economic and business affairs and democracy, human rights and labor.
But leading members of Congress would prefer a new cyber bureau to include and consolidate cyber diplomacy activities, such as those related to international cybersecurity, digital economy, and internet freedom.
Asked about potential overlap CISA Global would create with State, Wales said CISA has “an extremely close relationship with the State Department, both with the office of the coordinator for cyber issues, and with the counterterrorism bureau.” He noted a call to launch the initiative with hundreds of international partners was conducted with the State Department’s Office of the Coordinator for Cyber Issues.
“At times, they have utilized us as kind of the technical, the [subject matter expert] to help provide some of our expertise through their capacity-building efforts to help international partners advance and mature their efforts,” he said. “So, you know, we see our work as complementary and really entirely supporting [State].”
Chris Painter, president of the Global Forum on Cyber Expertise and the former top diplomat for cybersecurity at State participated in Thursday’s event. He welcomed CISA’s plans but raised the issue of CISA’s limited resources amid competing priorities.
“I was very happy to see your emphasis on capacity building, that’s something that’s critical around the world. As you say, it helps other people help us but it also helps them and so that’s a good situation. Especially on incident response, and other things, your work is critical,” he said. “The only frustration I think I ever faced was not with the quality of that work, but the fact that you were stretched very thin, and you didn’t have the resources to commit to a lot of those things, and, you know, perhaps reasonably, were focused more on the domestic issues. It’s great to have a plan, it’s great to have a strategy. But what will the resources and commitment be to this?”
Wales said it will ultimately be up to Congress to facilitate the initiative. But, citing the massive hacking campaign involving network management company SolarWinds, he seemed confident lawmakers would.
“We’re hopeful that maybe additional resources will be coming in, in the near term, based upon some of the issues that were identified through the supply chain compromise,” he said. “I don’t think that we lack the authority to engage internationally. The executive branch will generally hew to the priorities as set by Congress in our appropriations and in authorizing language. And if Congress wants to make it a priority, they have the tools at their disposal to shape our activities.”
Source: https://www.nextgov.com/cybersecurity/2021/02/cisa-chief-says-agencys-global-initiative-support-state-department/172184/